# This controller handles the login/logout function of the site.  
class SessionsController < ApplicationController #:nodoc: all
  include AuthenticatedSystem
  def new
    redirect_to postings_url if logged_in?
    @user = User.new
  end

  def create
    self.current_user = User.authenticate(params[:email], params[:password])
    if logged_in?
      if params[:remember_me] == "1"
        self.current_user.remember_me
        cookies[:auth_token] = { :value => self.current_user.remember_token , :expires => self.current_user.remember_token_expires_at }
      end
      set_flash :success => "Logged in successfully"
      redirect_back_or_default('/postings')
    else
      set_flash :login_error => "No dice! <span>Please try again.</span>", :now => true
      @user = User.new
      render :action => 'new'
    end
  end

  def destroy
    self.current_user.forget_me if logged_in?
    cookies.delete :auth_token
    reset_session
    set_flash :notice => "You have been logged out."
    redirect_back_or_default('/')
  end
end
